OS X Malware in iTunes

Just a reminder that, despite some OS-related claims, running some good anti-malware software is always a good idea.

Earlier today, I installed an app from the iTunes Store called “Instaquotes-Quotes Cards For Instagram”, as it was advertized as free for a limited time. As it turns out, sometimes you get what you paid for: no sooner had I downloaded the app than my anti-virus scanner, ClamXav (on top of Clam AV), caught what it reported to be malware called “Worm.VB-900” in the application.  Since I couldn’t find an official Apple policy on app support for reporting possible malware, I reported this finding to the Apple Discussion forum, where my findings were confirmed by other users.  I had done a few Internet searches before posting to see whether there were any other reports about this “in the wild”, but nothing came up at that time.  In the meanwhile, has written an article based on my post and other findings to confirm that the app does contain malware: though it’s a Windows-centric attack that should not harm Macs, some users who sync their libraries between Macs and PCs could easily have their Windows machines infected.

Presently, it seems this information has somehow made its way back to Apple, as the app is no longer available via iTunes.  That’s an encouraging sign that people in the right places are paying attention and taking swift and appropriate action.  But it would be silly to leave oneself unprotected when very good anti-malware software is available for OS X, and at little (or in the case of Clam AV, absolutely no) cost.

Update: As has been discussed in the Apple Discussion forum thread, Apple has indeed been notified, the infected app taken down, and the developer contacted regarding the infection, which they claim was an error and are working to replace with a clean file. Although it’s not so great to have downloaded an infected application, it’s nice to see people working to fix things so quickly.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s